DrChrono gray logo Mobile menu icon

DrChrono Terms and Conditions

Last updated: Dec 7, 2022

DrChrono, Inc. (“Company”) requires users of its services, including any entity executing an order form (“Customer”) that references these terms to accept and adhere to these terms and conditions (the, “Agreement”). This Agreement governs the purchase and use of Company’s services and is accepted by executing an order form that references this Agreement or by using or accessing Company’s services. Company may update this Agreement from time to time and Customer will have 30 days to reject the updated terms by providing written notice to Company. If Customer continues to use or receive the services following such period, the updated Agreement will be deemed accepted.

1. Order Form

Services will be ordered by Customer pursuant to executed order forms (each, an “Order Form”). Each Order Form will include the specific services being ordered including professional services, RCM Services (as defined below) and the associated fees and any additional terms as applicable (herein referred to collectively as the “Service”). Each additional Order Form will be numbered sequentially (e.g. Order Form 1, 2, 3, etc.) and upon the Effective Date on any Order Form, each Order Form will be deemed an addendum hereto and will be subject to all of the terms and conditions herein. Any one of Customer’s subsidiaries or affiliates may also order services under this Agreement by entering into an Order Form signed by such subsidiary or affiliate and Company and agreeing to be bound by the terms of this Agreement and such Order Form.

2. Software/Service.

2.1. Rights for Use. Company hereby grants to Customer during the term of this Agreement a non-exclusive, non-transferrable (except as provided herein) right to access and use the Service which includes any written materials including user guides, templates, documentation and training materials provided by Company. Customer shall be responsible for each user’s use of the Service in accordance with the terms of this Agreement.

2.2. Accounts; Security. Access to or use of certain portions and features of the Service may require you to create an account. Customer states that all information provided by it is current, accurate, complete, and not misleading. Customer further states that it will maintain and update all information provided by it to ensure accuracy on a prompt, timely basis. Customer is entirely responsible for maintaining the confidentiality and security of its account(s), including the password. Accounts are not transferrable. Customer agrees to promptly notify Company if Customer becomes aware or suspects any unauthorized use of its accounts, including any unauthorized access or attempted access. Customer is responsible for all activities that occur under its account(s). Further, Customer is the primary account holder and is responsible for all charges made by additional users added to the accounts. A user license is required for each person utilizing Customer’s master account, or other data generated through the use of the Service. Any sharing of such data or accounts to reduce the number of licenses required or sharing account information in any way is strictly prohibited.

2.3. Restrictions on Use. In accessing or using the Service, Customer will not: (a) resell, lease, encumber, sublicense, distribute, publish, transmit, transfer, assign or provide such access or use to any third party in any medium whatsoever; (b) devise specifications from, reverse engineer, reverse compile, disassemble, or create derivative works based on the Service; (c) apply systems to extract or modify information in the Service using technology or method such as those commonly referred to as “web scraping,” “data scraping,” or “screen scraping”; (d) knowingly input or post through or to the Service any content that is illegal, threatening, harmful, lewd, offensive, or defamatory or that infringes the intellectual property rights, privacy rights or rights of publicity of others, (e) store data on the Service that is regulated by the PCI Data Standards (f) input or transmit through or to the Service any virus, worm, Trojan Horse, or other mechanism that could damage or impair the operation of the Service or grant unauthorized access thereto; (g) use or access the Service for purposes of monitoring the availability, performance or functionality of the Service or for any other benchmarking or competitive purposes; or (h) cause, assist, allow or permit any third party (including an end-user) to do any of the foregoing; (i) use the Service to compete with Company in any way; or (j) permit any third party to use or access the Service other than Customer’s direct employees, contractors who are acting on Customer’s behalf and Customer’s authorized users.

2.4. Audit. Company shall have the right to monitor Customer’s use of the Service to verify compliance with this Agreement by electronically monitoring Customer activity or by conducting an on-site audit either by Company or through its agent, upon reasonable notice and during normal business hours, not more than once per year. If monitoring or audit activities reveal the number of users is in excess of Customer’s paid licenses or that Customer is using the Service in excess of any license limitations as specified in any relevant Order Form, Customer will pay additional Fees due to Company based on the first date of Customer’s breach and Company reserves the right to increase the Fees under the Agreement to align with Client’s historical usage and then-current pricing of the appropriate license.

2.5. Maintenance. Customer agrees that Company may install software updates, error corrections, and software upgrades to the Service as Company deems necessary from time to time. All such updates, error corrections and upgrades will be considered part of the Service for purposes of this Agreement.

2.6. Applicable Laws. Customer’s access to and use of the Service is subject to all applicable international, federal, state and local laws and regulations. Customer may not use the Service or any information data or Customer Data (as defined below) in violation of or to violate any law, rule or regulation. Ensuring Customer’s use of the Service is compliant with applicable laws is the responsibility of Customer. In addition to laws and regulations, Customer will comply with applicable Medicare and third-party payer rules and policies related to treatment, reimbursement and billing procedures. Customer will be responsible for ensuring medical necessity and for accurately documenting medical services rendered and submitted for billing. Customer will immediately notify Company of any errors in data submitted to Company that may affect Customer’s billings.

2.7. Suspension of Service. Company has the right to immediately suspend the Service (a) in order to prevent damage to or degradation of the Service or unauthorized or non-compliant use or (b) for operational reasons such as repair, maintenance, or improvement or because of any emergency, or (c) if, following notice from Company, Customer has failed to pay any amounts due and owing. In the case of (a) or (b) Company will give Customer prior notice if reasonable and will ensure that the Service is restored as soon as possible after the event given rise to suspension has been resolved to Company’s reasonable satisfaction.

3. Customer Data.

3.1. Data Licenses. As between Company and Customer, all title and intellectual property rights in and to all electronic data or information submitted to and stored in the Service that is owned by Customer (“Customer Content”) is owned by Customer. Customer acknowledges and agrees that in connection with the provision of the Services, Company may store and maintain Customer Content for a period of time consistent with Company’s standard business processes for the Service. Following expiration or termination of the Agreement or a Customer account, if applicable, Company may deactivate the applicable Customer account(s) and delete any data therein. Customer grants Company the right to host, use, process, display and transmit Customer Content to provide the Services pursuant to and in accordance with this Agreement, the Business Associate Agreement attached as Exhibit A hereto and the applicable Order Form. Customer has sole responsibility for the accuracy, quality, integrity, legality, reliability, and appropriateness of Customer Content, and for obtaining all rights related to Customer Content required by Company to perform the Services. The Service does not replace the need for Customer to maintain regular backups or redundant data archives. Company has no obligation or liability for any loss, alteration, destruction, damage, corruption, or recovery of Customer Content.

3.2. Data Import. Customer will provide data to be imported into the Service in an acceptable format as specified by Company, and Customer will provide to Company any such data in a timely manner and no later than 30 days after the Effective Date or any relevant Order Form. Company will not be able to import data or provide Services if files are improperly formatted, corrupt, incompatible, or contain errors or malicious code.

3.3. Data Export. As specified in any relevant Order Form between the parties, if Customer requests Company to provide professional services for the export of any Customer Content, Company will provide to Customer the applicable Customer Content export file via Company’s designated secure delivery method as feasible. Customer agrees that any such Customer Content export files are provided by Company as-is and that Company is not responsible for any errors or omissions in the export file or for any corruption of the Customer Content that may occur.

3.4. American Medical Association Content. As part of the Services, Company may provide Customer use of certain licensed content (“Licensed Content”) from the American Medical Association (“AMA”). Such Licensed Content is made available to Customer subject to the AMA End User Agreement attached as Exhibit B hereto. Customer understands that these terms and conditions are subject to change from time to time and agrees to cooperate in the execution of an amendment to this Agreement to update Exhibit B as may be required by the AMA.

3.5. Aggregated Data. Customer agrees that, subject to Company’s confidentiality obligations in this Agreement, Company may (a) capture data regarding the use of the Service by Customer and its end users, (b) collect metrics and data included in the Customer Content, and (c) aggregate and analyze any metrics and data collected pursuant to subsections (a) and/or (b) of this sentence (collectively, the “Aggregated Data”). Customer agrees that Company may use, reproduce, distribute and prepare derivative works from the Customer Content, solely as incorporated into Aggregated Data, provided that under no circumstances will Company use the Aggregated Data in a way that identifies Customer or its users as the source of the data or in violation of applicable law.

4. Third Party Services.

Except as otherwise agreed by Company in writing or subject to the Company’s API Development Terms and Conditions, Customer is prohibited from linking to the Service, framing of all or any portion of the Service, and the extraction of data from the Service. Company reserves the right to disable any unauthorized links or frames. Company will not be responsible and expressly disclaims any liability for any third party services that Customer may use or connect to through the Service, including any responsibility for the availability of such third-party services. If Customer activates any APIs or links to enable data sharing through the Service with any third parties or directs Company to do so on its behalf, Customer thereby authorizes Company to send and receive Customer Content with any such activated service and represents and warrants to Company that Customer has all appropriate right and title to grant such authorization. Customer will be solely responsible for any third-party fees related to the third-party services and compliance with any applicable third party service terms.

5. Revenue Cycle Management.

Revenue cycle management services means billing patients and third-party payers (“TPPs”) by Company for medical services generated by Customer and furnishing monthly summaries of accounts (“RCM Services”). If Customer orders RCM Services pursuant to any Order Form, the terms of the Revenue Cycle Management Services Addendum attached hereto as Exhibit C will apply.

6. Intellectual Property.

6.1. Proprietary Rights. Company’s intellectual property, including without limitation the Service, its trademarks and copyrights and excluding any Customer Content contained therein, and any modification thereof, are and will remain the exclusive property of Company and its licensors. No licenses or rights are granted to Customer except for the limited rights expressly granted in this Agreement.

6.2. Feedback. Customer agrees that advice, feedback, criticism, insights regarding clinical workflows, templates developed by Customer stored within Service or comments provided to Company related to the Service (“Feedback”) are given to Company and may be used by Company freely and without restriction and will not enable Customer to claim any interest, ownership or royalty in Company’s intellectual property. Customer hereby irrevocably assigns to Company your entire right, title and interest in and to the Feedback without restriction.

7. Payment and Taxes.

7.1. Payment. Fees are set forth in the applicable Order Form (“Fees”). Upon execution of any Order Form that includes professional services, Company will invoice Customer for any such professional service Fees as of the Order Form’s Effective Date, and Company will not perform any professional services until Fees related to those professional services are paid in full. Any usage Fees, as set forth in an applicable Service Order, will be billed monthly and in arrears. Fees owed by Customer to Company will be automatically debited from the bank account or other electronic payment method for which Customer has provided applicable account information and Customer hereby authorizes Company to perform all such debits. Company will send invoices to the contact(s) provided in an Order Form. Unless otherwise set forth in the applicable Order Form, Fees are due and payable by Customer within 10 days of receipt of the invoice for such Fees. An administrative late charge of $35.00 per invoice per month will be charged for any electronic transaction that is declined, any returned check or any invoice more than 60 days past due. Additionally, undisputed amounts that are past due will be subject to a monthly charge of 1.5% per month or the maximum rate permitted by law, whichever is less. Customer waives the right to contest billing discrepancies that are not reported within two billing cycles. Customer agrees to pay all reasonable costs of collection in the event any amount is not paid when due. Company, upon notice to Customer, which notice may be in the form of an invoice, will have the right to change Fees effective any time, which right will include without limitation the right to charge a Fee for new features or functions of the Service or for features or functions that have previously been offered at no charge. Unless otherwise noted in the Order Form, all Fees are payable in United States Dollars, and non-refundable.

7.2. Automatic Payment Terms. Customer authorizes Company to charge the credit card information provided, or debit the bank account information provided, as applicable, beginning as of the Effective Date and monthly thereafter, for all applicable fees due as defined in the Agreement. Customer understands that this authorization will remain in effect until it is canceled in writing and agrees to notify Company in writing of any changes in Customer’s account information or termination of this authorization at least 15 days prior to the next billing date. If the payment date falls on a weekend or holiday, Customer understands that payments may be executed on the next business day. For ACH debits to a checking/savings account, Customer understands that because these are electronic transactions, these funds may be withdrawn from Customer’s account as of the payment date, and that it will have limited time to report and dispute errors. In the case the ACH transaction is returned for Non Sufficient Funds (“NSF”) Customer understands that Company may at its discretion attempt to process the charge again within 30 days, and agrees to an additional charge for each attempt returned NSF, which will be initiated as a separate transaction from the authorized payment. Customer has certified that the business bank account information provided is enabled for ACH transactions, and agrees to reimburse Company for all penalties and fees incurred as a result of Customer’s bank rejecting ACH debits or credits as a result of the account not being properly configured for ACH transactions. Both parties agree to be bound by NACHA Operating Rules as they pertain to these transactions. Customer acknowledges that the origination of ACH transactions to its account must comply with the provisions of U.S. law. Customer agrees not to dispute these scheduled transactions with its bank or credit card company provided the transactions correspond to the terms indicated in this Agreement.

7.3. Upgrades and Downgrades. An upgrade or downgrade (if applicable) of Customer’s Services will not result in a pro-rated refund due to client this includes, but is not limited to, any Customer requests to remove user licenses from the account during any then-current term. Upgrades are effective immediately, Company will charge Customer any associated Fee increases as of the date the upgraded features are made available to Customer.

7.4. Taxes. Company Fees do not include any local, state, federal or foreign taxes, levies or duties of any nature, including value-added, sales, use or withholding taxes (“Taxes”). Customer is responsible for paying all Taxes for which Customer is responsible under this Section. Company may invoice taxes to Customer as required by local law, and Customer will pay such taxes, unless Customer provides Company with a valid tax exemption certificate authorized by the appropriate taxing authority.

7.5. Travel Expenses. If Customer and Company mutually determine that travel is required in relation to Company’s provision of the Services, any such travel expenses including reasonable transportation, lodging and meals expenses incurred are subject to Customer’s prior written approval. In the event that Customer cancels or reschedules any travel that has already been approved by Customer, Customer will pay to Company any cancellation and change Fees related to such travel, as applicable.

8. Term and Termination.

8.1. Term. This Agreement will be effective as of the effective date listed in the initial Order Form (the “Effective Date”) and remain in effect until (a) all executed Order Forms have expired or been terminated or (b) terminated by either party as permitted by this Agreement. Unless otherwise stated in the Order Form the initial term will be for thirty-six months, thereafter, the Order Form will automatically renew for successive periods equal to the initial term, unless cancelled by either party in accordance with this Agreement.

8.2. Termination. Either party may terminate this Agreement by providing 30 days’ written notice prior to the end of the then current term. Either party may terminate this Agreement immediately for a breach by the other party of any of its material terms, if the breaching party has failed to cure such breach (if curable) within 30 days of receipt of written notice from the non-breaching party describing the breach. Either party may terminate this Agreement without notice if the other party becomes insolvent, makes or has made an assignment for the benefit of creditors, is the subject of proceedings in voluntary or involuntary bankruptcy instituted on behalf of or against such party (except for involuntary bankruptcies which are dismissed within 60 days), or has a receiver or trustee appointed for substantially all of its property.

8.3. Effects of Termination. Upon the expiration or termination of this Agreement for any reason, (a) Customer will immediately cease using the Service, (b) Customer Content may be retained for 30 days and then destroyed, destroyed data cannot be recovered and Company will have no liability to Customer for such destruction; (c) upon request, each party will return or destroy all Confidential Information of the other party, provided, that each party may retain one copy of the Confidential information of the other party as necessary to comply with applicable law or its records retention or archival policies or practices (and such retained Confidential Information will remain subject the non-disclosure obligations in this Agreement); and (d) any unpaid, undisputed amounts due through termination will become immediately due and payable.

8.4. Termination for Customer Breach and Effects. In the event the Fees owed by Customer to Company are past due by more than 90 days or if Company terminates the Agreement due to Customer’s un-cured material breach of the Agreement, Company will have the option to terminate the Agreement, effective immediately, upon written notice to Customer. Upon Company’s termination under this Section 8.4, Customer will be immediately responsible to pay a “Final Payment” which is calculated as the greater of: (a) monthly Fees contained in any then current Order Form(s) multiplied by the number of months remaining in the then current Term; or (b) the average Fees charged to Customer over the prior 3 invoices multiplied by the number of months remaining in the then current Term. The parties further agree that this Final Payment does not constitute a penalty and that this Final Payment is a reasonable estimate in light of the anticipated harm caused by Customer non-payment or material breach of this Agreement.

8.5. Survival. Any provisions of this Agreement that expressly, or by implication, are intended to survive its termination or expiration will survive and continue to bind the parties, including without limitation provisions relating to confidentiality, representations and warranties, indemnification, limitations on liability, intellectual property, and Customer’s payment obligations under this Agreement.

9. Confidential Information.

9.1. Confidential Information. “Confidential Information” means any information disclosed by one party to the other whether orally or in writing that is designated as confidential or that reasonably should be understood by the receiving party to be confidential, notwithstanding the failure of the disclosing party to designate it as such. Confidential Information may include information that is proprietary to a third party and is disclosed by one party to another pursuant to this Agreement. The Service, all features and functions thereof and related pricing and product plans will be the Confidential Information of Company.

9.2. Non-Disclosure. Each party agrees to maintain the confidentiality of the other party’s Confidential Information with the same security and measures it uses to protect its own Confidential Information of a similar nature (but in no event less than reasonable security and measures) and not to use such Confidential Information except as necessary to perform its obligations or exercise its rights under this Agreement. The receiving party may disclose Confidential Information of the disclosing party to those employees, officers, directors, agents, affiliates, consultants, users, and suppliers who need to know such Confidential Information for the purpose of carrying out the activities contemplated by this Agreement and who have agreed to confidentiality provisions that are no less restrictive than the requirements herein. Such party will be responsible for any improper use or disclosure of the disclosing party’s Confidential Information by any such parties. Except as expressly permitted by this Section, the receiving party will not disclose or facilitate the disclosure of Confidential Information of the disclosing party to any third party. The restrictions in this Section shall continue until such time as the information is covered by an exclusion set forth below.

9.3. Exclusions. The receiving party will have no obligation under this Section with respect to information provided by the disclosing party that: (a) is or becomes generally available to the public other than as a result of a breach of this Agreement by the receiving party, (b) is or becomes available to the receiving party from a source other than the disclosing party, provided that such source is not known to the receiving party to be bound by an obligation of confidentiality to the disclosing party with respect to such information, (c) was in the receiving party’s possession prior to disclosure by the disclosing party, or (d) is independently developed by the receiving party without reference to the Confidential Information. Further either party may disclose Confidential Information (i) as required by any court or other governmental body or as otherwise required by law, or (ii) as necessary for the enforcement of this Agreement or its rights hereunder.

10. Disclaimers.


11. Limitation of Liability.


12. Indemnification.

Customer agrees to defend and indemnify Company and its affiliates from and against any legal action, demand, suit, or proceeding brought against Company or its affiliates by a third party arising out of or related to the Customer Content or Customer’s use of the Service.

13. No Medical Advice Given.

The Service is not an attempt to practice medicine or provide specific medical advice. The Service is not intended to be a substitute for professional medical advice, diagnosis or treatment.

14. Publicity.

Customer hereby consents to Company identifying Customer as a customer by name and logo in Company’s promotional materials, subject to Customer’s right to revoke such consent in writing at any time. Upon such revocation, Company will have 30 days to process Customer’s request.

15. Assignment.

Customer may not assign or transfer this Agreement or any of its rights or obligations hereunder in whole or in part without the prior written consent of Company. Subject to the foregoing, this Agreement will inure to the benefit of, be binding upon, and be enforceable against, each of the parties hereto and their respective successors and assigns.

16. Notices.

Any notice required under this Agreement will be provided to the other party in writing. If Customer wishes to provide notice to Company, Customer will send notice via email to: legal@EverCommerce.com. Company will send notices to one or more contact(s) on file for Customer. Notices from Company, other than for a breach of this Agreement may be provided within the Service.

17. Attorney’s Fees.

In the event any proceeding or lawsuit is brought in connection with this Agreement, the prevailing party in such proceeding will be entitled to receive its reasonable costs, expert witness and attorneys’ fees.

18. Relationship of the Parties.

This Agreement does not create any joint venture, partnership, agency, or employment relationship between the parties.

19. No Third Party Beneficiaries.

This Agreement is being entered into for the sole benefit of the parties hereto, and nothing herein, express or implied, is intended to or will confer upon any other person or entity any legal or equitable right, benefit or remedy of any nature whatsoever.

20. Equitable Remedies.

Each party acknowledges and agrees that (a) a breach or threatened breach by such party may give rise to irreparable harm to the other party for which monetary damages may not be an adequate remedy; and (b) if a breach or threatened breach by such party occurs, the other party will in addition to any and all other rights and remedies that may be available to such other party at law, at equity or otherwise in respect of such breach, be entitled to seek equitable relief that may be available from a court of competent jurisdiction, without any requirement to post a bond or other security.

21. Force Majeure.

Neither party will be liable under this Agreement for any failure or delay in the performance of its obligations (except for the payment of money) on account of strikes, shortages, riots, insurrections, fires, flood, storm, explosions, acts of God, war, governmental action, labor conditions, earthquakes, material shortages, or any other cause that is beyond the reasonable control of such party.

22. Limitation of Claims.

No legal proceedings, regardless of form, arising under or relating to this Agreement may be brought by Customer more than six months after it first have actual knowledge of the facts giving rise to the cause of action.

23. Export Compliance.

Customer must comply with United States, foreign and international laws and regulations, including without limitation, the United States Export Administration Regulations and the United States Office of Foreign Asset Control regulations, and other anti-boycott and import regulations. Such export laws govern use of the Service including technical data and any Service deliverables provided under this Agreement and Customer agrees to comply with all such laws and regulations (including “deemed export” and “deemed re-export” regulations). Customer is responsible for ensuring that no data, information, software programs and/or materials resulting from the Service (or direct product thereof) will be exported directly or indirectly in violation of these laws. Customer will indemnify Company for any violation by Customer of any applicable export controls or economic sanctions laws and regulations.

24. Governing Law, Jurisdiction and Venue.

This Agreement will be governed by and construed in all respects in accordance with the laws of the state of Delaware, without regard to its conflicts of laws principles. Each party hereby consents to the exclusive venue and jurisdiction of the federal courts of Delaware. THE PARTIES FURTHER AGREE, TO THE EXTENT PERMITTED BY APPLICABLE LAW, TO WAIVE ANY RIGHT TO TRIAL BY JURY WITH RESPECT TO ANY CLAIM, COUNTERCLAIM OR ACTION ARISING FROM THE TERMS OF THIS AGREEMENT.

25. Severability, Waiver and Amendment.

If any provision of this Agreement is held by a court of competent jurisdiction to be unenforceable or invalid, such provision will be changed and interpreted as to best accomplish the objectives of the original provision to the fullest extent permitted by law, and the remaining provisions will remain in full force and effect. No waiver of any term or right in this Agreement will be effective unless made in writing and signed by an authorized representative of the waiving party. Any waiver or failure to enforce any provision of this Agreement will not be deemed a waiver of future enforcement of that or any other provision. Except to the extent otherwise expressly provided in this Agreement, this Agreement may only be amended in writing signed by both parties hereto.

26. Counterparts, Entire Agreement and Order of Precedence.

This Agreement or any Order Form may be executed in one or more counterparts, each of which will be deemed an original, but all of which together will constitute one and the same instrument. This Agreement, together with any Order Form(s) and the Business Associate Agreement states the entire agreement of the parties regarding the subject matter of this Agreement, and supersedes all prior proposals, agreements or other communications between the parties, oral or written, regarding such subject matter. If an ambiguity or conflict exists among the documents the order of precedence will be: (a) the terms and conditions of an Order Form; (b) the terms and conditions of the Business Associate Agreement; (c) the terms and conditions of any RCM Services Addendum, as applicable; and (c) the terms and conditions of this Agreement. Any preprinted terms on any purchase order are hereby expressly rejected by Company and will be of no force or effect.

Exhibit A


This HIPAA Business Associate Agreement (“BAA”) amends and is made part of that certain Terms and Conditions (“Service Agreement”) by and between Customer (“Entity”) and DrChrono, Inc. (“Associate”).

Entity and Associate agree that the parties incorporate this BAA into the Service Agreement in order to comply with the requirements of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), the Health Information Technology for Economic and Clinical Health Act (“HITECH”) and their implementing regulations set forth at 45 C.F.R. Parts 160 and Part 164 (the “HIPAA Rules”). To the extent Associate is acting as a Business Associate of Entity pursuant to the Service Agreement, the provisions of this BAA shall apply, and Associate shall be subject to the penalty provisions of HIPAA as specified in 45 CFR Part 160.

1. Definitions.

Capitalized terms not otherwise defined in this BAA shall have the meaning set forth in the HIPAA Rules. References to “PHI” mean Protected Health Information maintained, created, received or transmitted by Associate from Entity or on Entity’s behalf.

2. Uses or Disclosures.

Associate will neither use nor disclose PHI except as permitted or required by this BAA or as Required By Law. To the extent Associate is to carry out an obligation of Entity under the HIPAA Rules, Associate shall comply with the requirements of the HIPAA Rules that apply to Entity in the performance of such obligation. Associate is permitted to use and disclose PHI:

  1. to perform any and all obligations of Associate as described in the Service Agreement, provided that such use or disclosure would not violate the HIPAA Rules if done by Entity directly;
  2. otherwise permitted by law, provided that such use or disclosure would not violate the HIPAA Rules, if done by Entity directly and provided that Entity gives its prior written consent;
  3. to perform Data Aggregation services relating to the health care operations of Entity;
  4. to report violations of the law to federal or state authorities consistent with 45 C.F.R. § 164.502(j)(1);
  5. as necessary for Associate’s proper management and administration and to carry out Associate’s legal responsibilities (collectively “Associate’s Operations”), provided that Associate may only disclose PHI for Associate’s Operations if the disclosure is Required By Law or Associate obtains reasonable assurance, evidenced by a written contract, from the recipient that the recipient will: (1) hold such PHI in confidence and use or further disclose it only for the purpose for which Associate disclosed it to the recipient or as Required By Law; and (2) notify Associate of any instance of which the recipient becomes aware in which the confidentiality of such PHI was breached;
  6. to de-identify PHI in accordance with 45 C.F.R. § 164.514(b), provided that such de-identified information may be used and disclosed only consistent with applicable law.
In the event Entity notifies Associate of a restriction request that would restrict a use or disclosure otherwise permitted by this BAA, Associate shall comply with the terms of the restriction request.

3. Safeguards.

Associate will use appropriate administrative, technical and physical safeguards to prevent the use or disclosure of PHI other than as permitted by this BAA. Associate will also comply with the provisions of 45 CFR Part 164, Subpart C of the HIPAA Rules with respect to electronic PHI to prevent any use or disclosure of such information other than as provided by this BAA.

4. Subcontractors.

In accordance with 45 CFR §§ 164.308(b)(2) and 164.502(e)(1)(ii), Associate will ensure that all of its subcontractors that create, receive, maintain or transmit PHI on behalf of Associate agree by written contract to comply with the same restrictions and conditions that apply to Associate with respect to such PHI.

5. Minimum Necessary.

Associate represents that the PHI requested, used or disclosed by Associate shall be the minimum amount necessary to carry out the purposes of the Service Agreement. Associate will limit its uses and disclosures of, and requests for, PHI (i) when practical, to the information making up a Limited Data Set; and (ii) in all other cases subject to the requirements of 45 CFR § 164.502(b), to the minimum amount of PHI necessary to accomplish the intended purpose of the use, disclosure or request.

6. Obligations of Entity.

Entity shall notify Associate of (i) any limitations in its notice of privacy practices, (ii) any changes in, or revocation of, permission by an individual to use or disclose PHI, and (iii) any confidential communication request or restriction on the use or disclosure of PHI that Entity has agreed to or with which Entity is required to comply, to the extent any of the foregoing affect Associate’s use or disclosure of PHI.

7. Access and Amendment.

In accordance with 45 CFR § 164.524, Associate shall permit Entity or, at Entity’s request, an individual (or the individual’s designee) to inspect and obtain copies of any PHI about the individual that is in Associate’s custody or control and that is maintained in a Designated Record Set. If the requested PHI is maintained electronically, Associate must provide a copy of the PHI in the electronic form and format requested by the individual, if it is readily producible, or, if not, in a readable electronic form and format as agreed to by Entity and the individual. Associate will, upon receipt of notice from Entity, promptly amend or permit Entity access to amend PHI so that Entity may meet its amendment obligations under 45 CFR § 164.526.

8. Accounting.

Except for disclosures excluded from the accounting obligation by the HIPAA Rules and regulations issued pursuant to HITECH, Associate will record for each disclosure that Associate makes of PHI the information necessary for Entity to make an accounting of disclosures pursuant to the HIPAA Rules. In the event the U.S. Department of Health and Human Services (“HHS”) finalizes regulations requiring Covered Entities to provide access reports, Associate shall also record such information with respect to electronic PHI held by Associate as would be required under the regulations for Covered Entities beginning on the effective date of such regulations. Associate will make information required to be recorded pursuant to this Section available to Entity promptly upon Entity’s request for the period requested, but for no longer than required by the HIPAA Rules (except Associate need not have any information for disclosures occurring before the effective date of this BAA).

9. Inspection of Books and Records.

Associate will make its internal practices, books, and records, relating to its use and disclosure of PHI, available upon request HHS to determine compliance with the HIPAA Rules.

10. Reporting.

To the extent Associate becomes aware or discovers any use or disclosure of PHI not permitted by this BAA, any Security Incident involving electronic PHI or any Breach of Unsecured Protected Health Information involving PHI, Associate shall promptly report such use, disclosure, Security Incident or Breach to Entity. Associate shall mitigate, to the extent practicable, any harmful effect known to it of a Security Incident, Breach or use or disclosure of PHI by Associate not permitted by this BAA. Notwithstanding the foregoing, the parties acknowledge and agree that this section constitutes notice by Associate to Entity of the ongoing existence and occurrence of attempted but Unsuccessful Security Incidents (as defined below) for which no additional notice to Entity shall be required. “Unsuccessful Security Incidents” shall include, but not be limited to, pings and other broadcast attacks on Associate’s firewall, port scans, unsuccessful log-on attempts, denials of service and any combination of the above, so long as no such incident results in unauthorized access, use or disclosure of electronic PHI. All reports of Breaches shall be made in compliance with 45 CFR § 164.410.

11. Term and Termination.

This BAA shall be effective as of the effective date of the Service Agreement and shall remain in effect until termination of the Service Agreement. Either party may terminate this BAA and the Service Agreement effective immediately if it determines that the other party has breached a material provision of this BAA and failed to cure such breach within thirty (30) days of being notified by the other party of the breach. If the non-breaching party determines that cure is not possible, such party may terminate this BAA and the Service Agreement effective immediately upon written notice to other party.

Upon termination of this BAA for any reason, Associate will, if feasible, return to Entity or destroy all PHI maintained by Associate in any form or medium, including all copies of such PHI. Further, Associate shall recover any PHI in the possession of its agents and subcontractors and return to Entity or securely destroy all such PHI. In the event that Associate determines that returning or destroying any PHI is infeasible, Associate may maintain such PHI but shall continue to abide by the terms and conditions of this BAA with respect to such PHI and shall limit its further use or disclosure of such PHI to those purposes that make return or destruction of the PHI infeasible. Upon termination of this BAA for any reason, all of Associate’s obligations under this BAA shall survive termination and remain in effect (a) until Associate has completed the return or destruction of PHI as required by this Section and (b) to the extent Associate retains any PHI pursuant to this Section.

12. General Provisions.

In the event that any final regulation or amendment to final regulations is promulgated by HHS or other government regulatory authority with respect to PHI, the parties shall negotiate in good faith to amend this BAA to remain in compliance with such regulations. Any ambiguity in this BAA shall be resolved to permit Entity and Associate to comply with the HIPAA Rules. Nothing in this BAA shall be construed to create any rights or remedies in any third parties or any agency relationship between the parties. A reference in this BAA to a section in the HIPAA Rules means the section as in effect or as amended. The terms and conditions of this BAA override and control any conflicting term or condition of the Service Agreement and replace and supersede any prior business associate agreements in place between the parties. All non-conflicting terms and conditions of the Service Agreement remain in full force and effect.

Exhibit B

AMA End User Agreement

This American Medical Association End User Agreement is made a part of the Terms and Conditions (“Agreement”) by and between DrChrono, Inc. (“Company”) and the Customer. Capitalized terms not otherwise defined in this Addendum shall have the meaning set forth in the Agreement.

  1. Licensed Content is copyrighted by the AMA and CPT is a registered trademark of the AMA.
  2. Company, as a party to a license agreement with the AMA, is authorized to grant Customer a limited, non-exclusive, non-transferable, non-sublicensable license for Customer to use Licensed Content in the Services, for the sole purpose of internal use by Customer within the United States. The sublicense granted will automatically terminate upon termination of the agreement between Company and the AMA, unless prior written consent of AMA is obtained by Company or a direct license between Customer and AMA is entered.
  3. The provision of updated Licensed Content in the Services is dependent on a continuing contractual relationship between end user and the AMA.
  4. Customer is prohibited from making Licensed Content publicly available creating derivative works (including translating), transferring, selling, leasing, licensing, or otherwise making available to any unauthorized party, the Services, or a copy or portion of the Licensed Content.
  5. Customer expressly acknowledges and agrees to the extent permitted by applicable law, use of the Licensed Content is at Customer’s sole risk and the Licensed Content is provided “as is” without warranty of any kind. The AMA does not directly or indirectly practice medicine or dispense medical services. Fee schedules, relative value units, conversion factors and/or related components are not assigned by the AMA, are not part of CPT, and the AMA is not recommending their use. The Licensed Content does not replace the AMA’s Current Procedural Terminology book or other appropriate coding authority. The coding information contained in the Licensed Content should be used only as a guide.
  6. Customer is required to keep records and submit reports including information necessary for the calculation of royalties payable to the AMA by Company, of the same type as required of Company. All records and reports required under this Section shall be subject to audit by the AMA.
  7. U.S. Government End Users. CPT is commercial technical data, which was developed exclusively at private expense by the American Medical Association (AMA), 330 North Wabash Avenue, Chicago, Illinois 60611. This agreement does not grant the Federal Government a direct license to use CPT based on FAR 52.227-17 (Data Rights – General) and DFARS 252.227-7015 (Technical Data – Commercial Items).
  8. Customer must ensure that anyone with authorized access to the Services will comply with the provisions of this Agreement.
  9. Customer acknowledges that the AMA is a third-party beneficiary to the Agreement.
  10. Customer expressly consents to the release of its name to the AMA.



If Customer orders RCM Services pursuant to any Order Form, the terms of this Revenue Cycle Management Services Addendum (“Addendum”) will apply and is made a part of the Terms and Conditions (“Agreement”) by and between DrChrono, Inc. (“Company”) and the Customer. Capitalized terms not otherwise defined in this Addendum shall have the meaning set forth in the Agreement.

1. Revenue Cycle Management Services.

RCM Services may be purchased pursuant to an applicable Order Form between Company and Customer. All costs in providing source data to Company for the RCM Services shall be borne by Customer and Company shall be responsible for all costs of providing the RCM Services, provided, however, any costs for attorneys or collection agencies incurred with respect to collection of delinquent accounts shall be borne by Customer, and Company shall not incur such costs on behalf of Customer without the prior written consent of Customer. Customer’s approval will be obtained prior to selection of a collection agent, the turning over of accounts for collection and the taking of legal action against such accounts. Any consent or approval by Customer contemplated hereby will not be unreasonably withheld, conditioned, or delayed. Starting on the Claims Live Date as specified in an applicable Order Form, Customer authorizes Company to perform the RCM Services contemplated in the Agreement in addition to all Company Services delineated in the RCM Scope of Services Grid. By providing Company with credentials to a Customer’s payment processing system, Customer authorizes Company to enter Customer patient payments in that system on its behalf.

2. Billing Policies.

All TPPs and patients shall be instructed to make payments payable to Customer and said checks, and/or insurance monies, will be mailed directly to a post office box, lock box, or other address as designated by Customer. Customer is responsible for ensuring security at the location Customer designates to receive payments and to post payments directly into their bank account. Customer is also responsible to scan or mail copies of all checks and paper Explanations of Benefits (EOBs) to Company. At no time, or under any circumstances, shall Company have access to the funds received by Customer as a result of medical services provided. Company will not, under any circumstances cancel existing charge balances of any patient without written instruction from Customer. Exceptions to this policy include contractual managed care write-offs, pre-defined small balance write-offs, bankruptcies and other appropriate, non-collectable payer adjustments. Customer shall not discharge any patient balance prior to the standard billing cycle, with the exception of financial hardship cases which are approved in writing by Customer. In the event Company provides Credentialing Services to Customer, if there is a denial due to the sole fault of Company in submitting the Customer application, and not due to malpractice or any other cause resulting from Customer, Company will resubmit the Customer application. No refunds of any Fees will be issued to Customer due to denial for any reason of Customer applications submitted by Company for Credentialing Services.

3. Responsibilities of Customer.

Except for in the event that Company is providing to the Customer RCM Services with a Claims Live Date that occurs before the Effective Date of the relevant Order Form, Customer shall submit all source data to Company in a timely manner but not later than thirty (30) days of rendering its professional services eligible for reimbursement. Customer shall also provide Company with demographic information and clinical notes on each patient satisfactory to Company in order for Company to properly prepare billings on each patient account, and Customer will be solely responsible for the accuracy and completeness of such information provided to Company. Customer shall also provide appropriate banking arrangements for receipt of payments under such method as acceptable to Company for the proper accounting for receipt of payments by patients and TPPs of Customer. Customer shall also timely notify Company in writing of any claimed error which resulted from the RCM Services provided by Company and shall furnish Company with reasonable supporting documentation for such claim. Customer shall also be responsible for providing Company with updated information necessary for Company to properly bill Customer’s patients and such other information which Company may reasonably require from time to time to perform all RCM Services. Customer shall notify Company promptly when new medical providers join Customer. Customer shall also promptly provide Company with copies of all contracting and credentialing information and forms it receives from managed care plans and TPPs in order for Company to update its information with respect to such managed care plans and TPPs. Customer shall be responsible for providing Company with a current list of facilities where Customer provides medical services. Customer shall also be responsible for properly identifying the description of the facility in order for Company to properly bill for medical services provided at each facility. Further, Customer shall timely notify Company of any changes to the list of facilities from time to time as required. Customer shall provide Company with a list of managed care plans in which Customer participates. Customer will assist Company as necessary or reasonably requested by Company in obtaining negotiated reimbursement schedules from any managed care plan in which Customer participates. Company shall not be responsible for incorrect action taken on payments due to Customer’s failure to identify specific managed care plans, to obtain a full reimbursement schedule or to otherwise fail to provide the information or notices contemplated herein. Customer is solely responsible for procuring and maintaining necessary provider numbers and licenses to allow Company to provide the RCM Services herein. Customer will be responsible for performing all Customer Responsibilities delineated in the RCM Scope of Services Grid in a timely manner.

4. Fees and Payments.

As specified in an applicable RCM Services Order Form Customer shall pay to Company Fees for the RCM Services equaling the Monthly Additional Feature Fee plus the greater of: (1) the Monthly Collections Rate which calculates Fees as a percentage of total monthly collections and is based on the actual Net Collections per month (as defined below) collected by the Customer for medical services provided by the Customer’s medical providers, whether or not such medical services were billed to patients by Company; or (2) the Monthly Minimum Subscription Fee. For purposes of this Addendum, “Net Collections” shall mean gross collections collected less refunds. All Fees under this Addendum shall be paid per the terms of the Agreement.

5. Third Parties.

The RCM Services may be provided in conjunction with one or more third-party partners, and Customer hereby waives any and all liability and claims which Customer may have against Company or the partner in connection with the provision of RCM Services.

6. Exclusivity.

During the Term, Customer agrees to exclusively use Company for services related to billing patients and TPPs for medical services generated by Customer.

7. Limitations on Liability.

Customer shall notify Company or any inaccurate claims listed in a report within 10 days of delivery of such report. Once Customer provides such notice, Company will re-process any inaccurate claims, at Company’s expense. Notwithstanding any provision of the Agreement, Company shall have no liability for billing errors or other claim inaccuracies except for its obligation to re-submit any corrected claims pursuant to this paragraph.

8. Termination and Effect.

Either party may terminate the applicable RCM Services Order Form by providing 90 days’ written notice prior to the end of the then current term. Customer agrees that upon its termination for any reason other than a breach of the material terms of the Agreement, Company may at its election continue providing RCM Services to Customer on all accounts receivable as of the date of termination and for a period not less than 6 months thereafter, and Customer will pay Fees to Company for RCM Services rendered pursuant to the applicable Order Form during such time.

9. Miscellaneous.

Except as expressly provided in this Addendum, the terms of the Agreement are unchanged and shall remain in full force and effect. In the event of an inconsistency between this Addendum and the Agreement, the terms and conditions of this Addendum shall control as to RCM Services as provided pursuant to the Agreement.